I use ajax to store, update and delete resources associated with authenticated user. Routes for these actions use web
middleware so cookies, session etc are available. Project is based on Laravel framework.
Is it necessary to protect those routes from unauthorized access in any additional way? I've read about API tokens that one could use, but I am not sure if it is necessary.
I will be grateful for any insights on ajax security or how ajax requests work in general, as it is a little over my head at this moment.
from Newest questions tagged laravel-5 - Stack Overflow http://ift.tt/2dVKmWe
via IFTTT
Aucun commentaire:
Enregistrer un commentaire